ЕСОЗ - публічна документація
[DRAFT] REST API signComposition [API-006-001-001-0212]
Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.
https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)
- 1 Properties of a REST API method document
- 2 Purpose
- 3 Logic
- 4 Configuration parameters
- 5 Dictionaries
- 6 Input parameters
- 7 Request structure
- 8 Headers
- 9 Request data validation
- 10 Authorize
- 11 Processing
- 12 Response structure examples
- 13 HTTP status codes
- 14 Post-processing processes
- 15 Technical modules where the method is used
Properties of a REST API method document
Document type | Метод REST API |
---|---|
Document title | [DRAFT] REST API signComposition [API-006-001-001-0212] |
Guideline ID | GUI-0011 |
Author | @ |
Document version | 1 |
Document status | DRAFT |
Date of creation | ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD) |
Date of update | ХХ.ХХ.ХХХХ (дата зміни версії) |
Method API ID | API-006-001-001-0212 |
Microservices (namespace) | MC |
Component | Compositions |
Component ID | COM-006-001 |
Link на API-специфікацію | https://app.swaggerhub.com/apis/ehealthua/compositions/Prod#/main/signComposition |
Resource |
|
Scope | composition:sign |
Protocol type | REST |
Request type | PATCH |
Sync/Async | Async |
Public/Private | Public |
Purpose
This method allows to sign a draft of Composition of all types and categories. The final goal of the task is to sign the draft after checking the signed content match, signer match and signature overlay check.
Used in processes:
3. Скасування (загальний процес)
5. Продовження / скорочення МВТН
6. Уточнення (preperson -> person) для МВТН
RC_7. Створення МВ “на заміну”
Logic
Configuration parameters
N/A
Dictionaries
N/A
Input parameters
Input parameter | Mandatory | Type | Description | Example | |
---|---|---|---|---|---|
1 | compositionId |
| String ($uuid) (path) | Composition object ID | 4fd87fa2-1beb-44ff-a7cc-c1759e1c6e9b |
2 |
|
|
|
|
|
Request structure
See on SwaggerHub
Headers
Request data validation
Authorize
Check user scopes in order to perform this action (scope = 'composition:sign')
return 401 (Unauthorized) in case of invalid scope(s)
Checking the existence of other Composition tasks for signing
Search in task_queue other tasks with SIGN_COMPOSITION type and status isn’t FAILED
In case of error (such task is found) - return 1142 (ANOTHER_SIGN_TASK_ALREADY_EXIST)
Encounter.value uniqueness check. Check that such Encounter.value not used in another Composition with the same type, category and in "Final" status
If it used - return 1127 (FINAL_COMPOSITION_FOR_ENCOUNTER_ALREADY_EXISTS)
Checking the signing delay
If signing time does not match with value in EMAL_FILTER_SIGN_CREATE_DELAY_DISABILITY, EMAL_FILTER_SIGN_CREATE_DELAY_NEWBORN - return 1124 (CREATE_SIGN_DELAY_EXCEEDED)
Verification of signature overlay
The body of the signature in the request transfers to the DS service by RPC method “decode_signed_content”
If service:
Returned a null field “content” - return error 1019 (SIGVER_FAILED_NO_PAYLOAD) with explanation "content is null or blank"
Did not return a response (or returned a response of an inappropriate structure) - return error 1099 (SIGVER_FAILED_BAD_CONTENT)
Returned any value in the "validation_error_message" field - return error 1020 (SIGVER_FAILED_BAD_CERT)
Did not return any signature - return error 1021 (SIGVER_FAILED_NO_SIGNATURES)
Returned several signatures - return error 1022 (SIGVER_FAILED_MULTIPLE_SIGNATURES)
For every signatures that were overlayed
Check the value of the "is_valid field" in the RPC service response
If there is at least one invalid signature - return 1023 (SIGVER_FAILED_INVALID_SIGNATURE)
Validation of signed content
Checks the status of the signing object
If the status is not equal to PRELIMINARY - return error 1041 (CANT_SIGN_NON_PRELIMINARY_COMPOSITION)
Checks the content in the signed object and compares it to the Composition object
If the content does not match - return 1042 (SIGNING_CONTENT_MISMATCH)
Signer Check. The application receives information about the signer from the certificate of qualified electronic signature from the service (the value of the field corresponding to the RNOCPP(individual tax number) from the certificate)
Сompliance check RNOCPP (individual tax number) with data specified in the employee profile (Composition.author)
If employee.party.no_tax_id == true then it is verified that the value of DRFO corresponds to at least one of the documents for employee.party. The rules of transliteration of letters are applied for comparing
If a match isn't found - return 1024 (SIGVER_FAILED_DOCUMENTS_DONT_MATCH)
In all other options - check that the employee.party.tax_id value is equal to the DRFO field in the signer's certificate
if the fields are not equal - return 1025 (SIGVER_FAILED_DRFO_DOESNT_MATCH)
Checking the related Composition:
If Composition’s status in target.identifier is “Amended” - return 1184 (CANT_SIGN_INVALID_RELATED_STATUS)
If RelatesTo.code is “appends” or “transforms” and Composition’s status in target.identifier isn’t “Final” - return 1184 (CANT_SIGN_INVALID_RELATED_STATUS)
If RelatesTo.code is “replaces” - check for status change: FINAL-> AMENDED, ENTERED_IN_ERROR -> ENTERED_IN_ERROR
In case of error - return 1184 (CANT_SIGN_INVALID_RELATED_STATUS)
Processing
Checking the existence of other Composition tasks for signing. Logic - to check if there are other tasks in the system for the same Composition waiting for signature verification. Such a procedure is necessary to prevent several parallel requests for signing the same Composition.
Encounter.value uniqueness check: Check that such Encounter.value not used in another Composition with the same type, category and in "Final" status
Checking the signing delay: Check that allowed delay time between the creation of the draft and the direct signing of the Composition match with current configuration.
Verification of signature overlay: Checks that the signature is overlaid correctly and the signature is valid
Validation of signed content: checks that the signature was applied to the corresponding Composition’s object record without any modifications after creating the draft
Signer Check: Checks the data in the signature certificate against the author data according to Composition.author and Employee data
Checking the related Composition: Check that specified in relatesTo Composition exists and has an appropriate status
Status update: Changes the Composition status in the database and related Composition’s status (in case of refinement Temporary Disability Composition)
Saving Composition: Saves the data of the signed Composition in the object drive (ceph)
For Temporary Disability Composition (for tasks that were successfully completed at this stage): Planning CREATE ERLN RECORD task (in PENDING status)
Response structure examples
See on SwaggerHub
HTTP status codes
Response code | HTTP Status code | Message | Internal name | Description | |
---|---|---|---|---|---|
1 | Базові | ||||
2 |
| 200 | In the case of successful creation of the task of signing the Composition |
|
|
3 | 1019 |
|
| SIGVER_FAILED_NO_PAYLOAD |
|
4 | 1020 |
|
| SIGVER_FAILED_BAD_CERT |
|
5 | 1021 |
|
| SIGVER_FAILED_NO_SIGNATURES |
|
6 | 1022 |
|
| SIGVER_FAILED_MULTIPLE_SIGNATURES |
|
7 | 1023 |
|
| SIGVER_FAILED_INVALID_SIGNATURE |
|
8 | 1024 |
|
| SIGVER_FAILED_DOCUMENTS_DONT_MATCH |
|
9 | 1025 |
|
| SIGVER_FAILED_DRFO_DOESNT_MATCH |
|
10 | 1099 |
|
| SIGVER_FAILED_BAD_CONTENT |
|
11 | 1124 |
|
| CREATE_SIGN_DELAY_EXCEEDED |
|
12 | 1127 |
|
| FINAL_COMPOSITION_FOR_ENCOUNTER_ALREADY_EXISTS |
|
13 | 1041 |
|
| CANT_SIGN_NON_PRELIMINARY_COMPOSITION |
|
14 | 1042 |
|
| SIGNING_CONTENT_MISMATCH |
|
15 | 1142 |
|
| ANOTHER_SIGN_TASK_ALREADY_EXIST |
|
16 | 1184 |
|
| CANT_SIGN_INVALID_RELATED_STATUS |
|
17 | Специфічні | ||||
18 |
|
|
|
|
|
Post-processing processes
N/A
Technical modules where the method is used
ЕСОЗ - публічна документація